Strange April Fools’/D-Day Prank

While the computing population is secretly expecting fireworks once DOWNAD-infected PCs start accessing some of its 50,000 generated URLs, we at Trend Micro know that cybercrime operates in almost absolute stealth. Preaching this, alongside best practices like immediately installing OS, productivity, and security software updates, is a drum security workers beat tirelessly.

In an anti-climactic turn, spammers are using this particular D-Day event in a peculiar spam run. We received an email message claiming to come from WORM_DOWNAD.KK. Note that the industry more commonly calls the worm referred to in this spam Conficker; WORM_DOWNAD.KK follows the naming convention here at Trend Micro and is our detection for the latest DOWNAD/Conficker variant, which is set to launch a routine on April 1.

Figure 1. Sample DOWNAD spam

It threatens the recipient by saying that it will infect his or her system, so the user must perform actions like backing up data and scanning for viruses. It also says that it is an auto-generated email, so one should not reply to it. However, the recipient’s email address is the same as the sender’s. Another noticeable characteristic of this mail is that it contains neither a malware attachment nor a link that leads to a malware download.
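The traits described above (sender address equal to the recipient's, no attachment, no link) can be checked mechanically when triaging reported mail. The Python below is an added example, not Trend Micro's code; the sample message, its addresses, and the function names are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import getaddresses

URL_RE = re.compile(r"(?:https?://|www\.)\S+", re.IGNORECASE)

# Constructed sample (not the actual spam): From and To are identical,
# and the message carries no attachment and no link.
SAMPLE = """\
From: user@example.com
To: user@example.com
Subject: Notice from WORM_DOWNAD.KK
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"

This is an auto-generated email, do not reply.
Back up your data and scan for viruses.
"""

def _addresses(msg, header):
    """Lower-cased addresses from every instance of the given header."""
    return {a.lower() for _, a in getaddresses(msg.get_all(header, [])) if a}

def triage(raw):
    """Report the traits from the post for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    senders = _addresses(msg, "From")
    recipients = _addresses(msg, "To") | _addresses(msg, "Cc")
    attachments, urls = [], []
    for part in msg.walk():
        if part.is_multipart():
            continue  # containers hold no content of their own
        if part.get_filename() or part.get_content_disposition() == "attachment":
            attachments.append(part.get_filename() or part.get_content_type())
        elif part.get_content_maintype() == "text":
            payload = part.get_payload(decode=True) or b""
            text = payload.decode(part.get_content_charset() or "utf-8", "replace")
            urls.extend(URL_RE.findall(text))
    return {
        # A visible From that matches the recipient is a spoofed-sender signal.
        "self_addressed": bool(senders & recipients),
        "attachments": attachments,
        "urls": urls,
    }

if __name__ == "__main__":
    print(triage(SAMPLE))
```

A message that is self-addressed yet has empty `attachments` and `urls` matches the payload-free pattern seen in this run; the same spoofed-sender signal combined with a link or attachment deserves closer inspection.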

To what end? No one knows, but in case the source of this email ever attempts to send a more dangerous version of this prank, Smart Protection Network protects users by blocking spam and spam sources.
